api/2.12/qgsauthcertutils_8h_source.html

 /***************************************************************************

     qgsauthcertutils.h

     ---------------------

     begin                : May 1, 2015

     copyright            : (C) 2015 by Boundless Spatial, Inc. USA

     author               : Larry Shaffer

     email                : lshaffer at boundlessgeo dot com

  ***************************************************************************

  *                                                                         *

  *   This program is free software; you can redistribute it and/or modify  *

  *   it under the terms of the GNU General Public License as published by  *

  *   the Free Software Foundation; either version 2 of the License, or     *

  *   (at your option) any later version.                                   *

  *                                                                         *

  ***************************************************************************/


 #ifndef QGSAUTHCERTUTILS_H

 #define QGSAUTHCERTUTILS_H


 #include <QtCrypto>

 #include <QSslCertificate>

 #include <QSslError>


 #include "qgsauthconfig.h"


 #if QT_VERSION >= 0x050000

 #define SSL_ISSUER_INFO( var, prop ) var.issuerInfo( prop ).first()

 #else

 #define SSL_ISSUER_INFO( var, prop ) var.issuerInfo( prop )

 #endif


 #if QT_VERSION >= 0x050000

 #define SSL_SUBJECT_INFO( var, prop ) var.subjectInfo( prop ).first()

 #else

 #define SSL_SUBJECT_INFO( var, prop ) var.subjectInfo( prop )

 #endif


 class CORE_EXPORT QgsAuthCertUtils

 {

   public:

     enum CaCertSource

     {

       SystemRoot = 0,

       FromFile = 1,

       InDatabase = 2,

       Connection = 3

     };


     enum CertTrustPolicy

     {

       DefaultTrust = 0,

       Trusted = 1,

       Untrusted = 2,

       NoPolicy = 3

     };


     enum CertUsageType

     {

       UndeterminedUsage = 0,

       AnyOrUnspecifiedUsage,

       CertAuthorityUsage,

       CertIssuerUsage,

       TlsServerUsage,

       TlsServerEvUsage,

       TlsClientUsage,

       CodeSigningUsage,

       EmailProtectionUsage,

       TimeStampingUsage,

       CRLSigningUsage

     };


     enum ConstraintGroup

     {

       KeyUsage = 0,

       ExtendedKeyUsage = 1

     };


     static QString getSslProtocolName( QSsl::SslProtocol protocol );


     static QMap<QString, QSslCertificate> mapDigestToCerts( const QList<QSslCertificate>& certs );


     static QMap< QString, QList<QSslCertificate> > certsGroupedByOrg( const QList<QSslCertificate>& certs );


     static QMap<QString, QgsAuthConfigSslServer> mapDigestToSslConfigs( const QList<QgsAuthConfigSslServer>& configs );


     static QMap< QString, QList<QgsAuthConfigSslServer> > sslConfigsGroupedByOrg( const QList<QgsAuthConfigSslServer>& configs );


     static QList<QSslCertificate> certsFromFile( const QString &certspath );


     static QSslCertificate certFromFile( const QString &certpath );


     static QSslKey keyFromFile( const QString &keypath,

                                 const QString &keypass = QString(),

                                 QString *algtype = 0 );


     static QList<QSslCertificate> certsFromString( const QString &pemtext );


     static QStringList certKeyBundleToPem( const QString &certpath,

                                            const QString &keypath,

                                            const QString &keypass = QString(),

                                            bool reencrypt = true );


     static QStringList pkcs12BundleToPem( const QString &bundlepath,

                                           const QString &bundlepass = QString(),

                                           bool reencrypt = true );


     static QString getCaSourceName( QgsAuthCertUtils::CaCertSource source , bool single = false );


     static QString resolvedCertName( const QSslCertificate& cert, bool issuer = false );


     static QString getCertDistinguishedName( const QSslCertificate& qcert,

         const QCA::Certificate& acert = QCA::Certificate(),

         bool issuer = false );


     static QString getCertTrustName( QgsAuthCertUtils::CertTrustPolicy trust );


     static QString getColonDelimited( const QString& txt );


     static QString shaHexForCert( const QSslCertificate &cert , bool formatted = false );


     static QCA::Certificate qtCertToQcaCert( const QSslCertificate& cert );


     static QCA::CertificateCollection qtCertsToQcaCollection( const QList<QSslCertificate>& certs );


     static QCA::KeyBundle qcaKeyBundle( const QString &path, const QString &pass );


     static QString qcaValidityMessage( QCA::Validity validity );


     static QString qcaSignatureAlgorithm( QCA::SignatureAlgorithm algorithm );


     static QString qcaKnownConstraint( QCA::ConstraintTypeKnown constraint );


     static QString certificateUsageTypeString( QgsAuthCertUtils::CertUsageType usagetype );


     static QList<QgsAuthCertUtils::CertUsageType> certificateUsageTypes( const QSslCertificate& cert );


     static bool certificateIsAuthority( const QSslCertificate& cert );


     static bool certificateIsIssuer( const QSslCertificate& cert );


     static bool certificateIsAuthorityOrIssuer( const QSslCertificate& cert );


     static bool certificateIsSslServer( const QSslCertificate& cert );


     static bool certificateIsSslClient( const QSslCertificate& cert );


     static QString sslErrorEnumString( QSslError::SslError errenum );


     static QList<QPair<QSslError::SslError, QString> > sslErrorEnumStrings();


   private:

     static void appendDirSegment_( QStringList &dirname, const QString &segment, QString value );

 };


 #endif // QGSAUTHCERTUTILS_H

QgsAuthCertUtils::TimeStampingUsage
Definition: qgsauthcertutils.h:75

QSslKey

QgsAuthCertUtils::TlsServerEvUsage
Definition: qgsauthcertutils.h:71

QgsAuthCertUtils::CertTrustPolicy
CertTrustPolicy
Type of certificate trust policy.
Definition: qgsauthcertutils.h:55

QMap

QgsAuthCertUtils::CodeSigningUsage
Definition: qgsauthcertutils.h:73

QgsAuthCertUtils::EmailProtectionUsage
Definition: qgsauthcertutils.h:74

QgsAuthCertUtils
Utilities for working with certificates and keys.
Definition: qgsauthcertutils.h:42

QgsAuthCertUtils::CertUsageType
CertUsageType
Type of certificate usage.
Definition: qgsauthcertutils.h:64

QgsAuthCertUtils::CertAuthorityUsage
Definition: qgsauthcertutils.h:68

QgsAuthCertUtils::CaCertSource
CaCertSource
Type of CA certificate source.
Definition: qgsauthcertutils.h:46

QgsAuthCertUtils::AnyOrUnspecifiedUsage
Definition: qgsauthcertutils.h:67

QString

QList< QSslCertificate >

QgsAuthCertUtils::ConstraintGroup
ConstraintGroup
Type of certificate key group.
Definition: qgsauthcertutils.h:80

QStringList

qgsauthconfig.h

QgsAuthCertUtils::CertIssuerUsage
Definition: qgsauthcertutils.h:69

QgsAuthCertUtils::TlsClientUsage
Definition: qgsauthcertutils.h:72

QgsAuthCertUtils::TlsServerUsage
Definition: qgsauthcertutils.h:70

QSslCertificate